My app recently got rejected with the following:
Guideline 5.1.1 - Legal - Privacy - Data Collection and Storage
We noticed that your app requests the user’s consent to access the photos, but doesn’t sufficiently explain the use of the photos in the purpose string.
To help users make informed decisions about how their data is used, permission request alerts need to explain and include an example of how your app will use the requested information.
Next Steps
Please revise the purpose string in your app’s Info.plist file for the photos to explain why your app needs access and include an example of how the user's data will be used.
You can modify your app's Info.plist file using the property list editor in Xcode.
I know this has been asked before on here, but I'm not sure how to proceed as I felt what I added in my Info.plist file is accurate. Here is what I currently have in my Privacy - Camera Usage Description: Allow access to photos to upload photos from your library
I also have it it my Privacy - Photo Library Usage Description: Allow access to photos to upload photos from your library
How would you recommend I update the string or do I need to update my photo description elsewhere as well.
The "purpose" is not what the app does, it is "why would the user agree to give you consent?"
Here's a good summary from Apple:
Accurately and concisely explaining to the person why your app needs access to sensitive data, typically in one complete sentence, lets the person make an informed decision and improves the chances that they grant access. -> Requesting access to protected resources
Also, I would remove any purpose strings that you do not actually use. In the past, some people have carelessly said: just stick a block of default purpose strings in your apps to shut off build and submit errors). I think that's a bad idea, because Apple is constantly tuning their approval process.
In the example you gave, if I were a reviewer, I would be confused by the two purpose strings. I would also be concerned you don't understand what the strings specifically mean. (Which is okay, the Apple docs confused me for a long time as well...)
The camera permission is for "can my app use the camera on the device?" It has nothing to do with Photo access. After capturing an image, many apps do want to save the photos inside the device's photo library, so that purpose string is often needed as well.
Also, remember that users might give permission to one or the other, so you code has to have modular privacy, even if you think it should be all-or-nothing.